[prev in list] [next in list] [prev in thread] [next in thread]
List: netfilter
Subject: performance
From: Nelson <tanginhw () comp ! nus ! edu ! sg>
Date: 2000-07-26 12:42:50
[Download RAW message or body]
hi list,
i've setup bridge with 2 clients attached to the bridge. i have changed
the bridge module to hook up to the FORWARD chain of the iptables so that
all pkts that the bridge received, it will pass to the FORWARD chain for
inspection.
these readings are taken by running ttcp on the 2 clients, one sending
pkts via the command "ttcp -t -l 1024 -nX laptop" and the other receiving
the pkts via the command "ttcp -r" where X is the pkt size and
'laptop' is the name of the client receiving the pkts. the bridge is
in between the 2 clients, relaying the pkts.
pkt size no filters 10 filters 40 filters
======== ========== ========== ==========
64kb 0.01s 0.01s 0.01s
128kb 0.108s 0.104s 0.101s
256kb 0.267s 0.253s 0.246s
512kb 0.563s 0.575s 0.572s
1024kb 1.172s 1.222s 1.224s
2048kb 2.488s 2.476s 2.453s
4096kb 4.985s 4.998s 4.991s
the filters are created by:
iptables -A FORWARD -i ethx -s 1.1.1.1 -j DROP
.......
.......
iptables -A FORWARD -i ethx -s 1.1.1.10 -j DROP
to input 10 dummy filters into the FORWARD chain, where x is the
bridge's interface where the sending client is attached to. the same is
being done to obtain 40 filters.
it seem to show from the readings that the performance/throughput is not
affected consistently and significantly by the number of rules/filters. is
this correct?
thanx.
ps: pls cc any followup to me as i'm still in the process of joinning the
list (haven't got the reply from the server yet ;p
Nelson
-------------------------------------------
"You will never walk alone"
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic